Lead Security Engineer

My client is late seed stage/early series A and they are looking for a Lead Security Engineer to join them, with a path to become the Head of Security in a very short timeframe. They operate in the financial services space and they must meet stringent information security obligations, and you will play a key role in building and implementing their security infrastructure.

They currently do not have dedicated security staff, but a vCISO is in place on a consulting basis, helping establish security policies. This role will bridge the gap between policy creation and hands-on implementation, working closely with the development team to ensure security measures are embedded in their operations.

This is a high-impact opportunity where you’ll build the security program from the ground up and be on a path to become the Head of Security, scaling the team as the company grows.

What You’ll Do

• Hands-on security engineering (70%) – Work within frameworks like NIST, SOC2, and ensure security operations are fully implemented.
• Compliance & security governance (30%) – Align security operations with regulatory requirements and sift through compliance documentation.
• Security Infrastructure & Operations – Work within Google Cloud (GCP) to design and implement security infrastructure and security operations programs.
• Incident Response (IR) – Lead incident response efforts, ensuring the company is prepared for potential security incidents.
• SIEM & SOAR Pipelines – Build out security monitoring and automation tools for real-time threat detection.
• Educate & Advise Leadership – The CIO is technical but not from a security background, so the ability to clearly communicate security needs and best practices is critical.
• Scalability & Growth – Help refine and grow the security program, with the long-term vision of leading the security function as the company scales.

What We’re Looking For

• 5-10 years of experience in security engineering, ideally in a fast-paced startup or early-stage company.
• Hands-on experience in security operations – including incident response (IR), security monitoring (SIEM), and automation (SOAR).
• Strong understanding of security frameworks like NIST, SOC2, ISO 27001.
• Experience implementing security programs – from policies to hands-on infrastructure security.
• Basic scripting skills (Python, Bash, etc.) for automation.
• GCP experience preferred (but AWS or Azure is also acceptable).
• Excellent communication skills – ability to explain security concepts to non-security stakeholders, including the CIO and leadership team.

Why Join?

• High-growth startup – Be part of a cutting-edge fintech at an exciting stage.
• Pathway to leadership – This role is designed to evolve into Head of Security as the company scales.
• Equity opportunity – Own a stake in the company as it grows.
• Make a real impact – Build security from zero to one in a company that values security as a core function.